﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web.Mvc;
namespace Anythink.Mvc
{
    public class UserAuthorizeAttribute : AuthorizeAttribute
    {
        public UserAuthorizeAttribute()
        {
            NeedAdmin = false;
        }

        public bool NeedAdmin { get; set; }

        protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext)
        {
            CurrentUser user = httpContext.GetCurrentUser();
            return NeedAdmin ? user.IsAuthorized && user.IsAdmin : user.IsAuthorized;
        }

        protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
        {
            filterContext.Result = new RedirectToRouteResult("Default", new System.Web.Routing.RouteValueDictionary(new { action = "login", controller = "home" }));
        }
    }
}
